General

  • Target

    CIS_MS_Windows_10_Demo_Build_Kit.zip

  • Size

    1.1MB

  • MD5

    bbe17e88d2d2dbfa318f4b3d01b239e8

  • SHA1

    418e4a173b508a72f04b4e97b21da4625504e967

  • SHA256

    16b7cb6f983570409c841b9110c3376f4a658c957ce868fcfa6ae39a3cced824

  • SHA512

    d902c1fd26743af62587f6493cc507ee0525b63e3e06aff93b77238e513bee62621224449a1646fa5034b5ce231d30751c7338e07c51510c8bd07b7195366444

  • SSDEEP

    24576:LLVdl65pauhBl+EomJrerTcSt1d8C5xtCSIdgrymaVl29:LLV0aAlLLrerThf35xtCfU449

Score
4/10

Malware Config

Signatures

  • HTTP links in PDF interactive object (1 IoC)

    Detects HTTP links in interactive objects within PDF files.

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

Files

  • CIS_MS_Windows_10_Demo_Build_Kit.zip
    .zip
  • CIS_MS_Windows_10_Demo_Build_Kit/Demo Read Me.pdf
    .pdf
    • http://LGPO.zip

    • https://blogs.technet.microsoft.com/secguide/2016/01/21/lgpo-exe-local-group-policy-object-utility-v1-0/

  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo COMP L1 Settings/manifest.xml
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo COMP L1 Settings/{2CA91714-1A88-4B51-ABFC-238245F1E2EA}/Backup.xml
    .xml
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo COMP L1 Settings/{2CA91714-1A88-4B51-ABFC-238245F1E2EA}/DomainSysvol/GPO/Machine/comment.cmtx
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo COMP L1 Settings/{2CA91714-1A88-4B51-ABFC-238245F1E2EA}/DomainSysvol/GPO/Machine/microsoft/windows nt/Audit/audit.csv
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo COMP L1 Settings/{2CA91714-1A88-4B51-ABFC-238245F1E2EA}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo COMP L1 Settings/{2CA91714-1A88-4B51-ABFC-238245F1E2EA}/DomainSysvol/GPO/Machine/registry.pol
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo COMP L1 Settings/{2CA91714-1A88-4B51-ABFC-238245F1E2EA}/bkupInfo.xml
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo COMP L1 Settings/{2CA91714-1A88-4B51-ABFC-238245F1E2EA}/gpreport.xml
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo COMP L2 Settings/manifest.xml
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo COMP L2 Settings/{98564187-A777-4AF5-A7CE-75B39D3BC8DF}/Backup.xml
    .xml
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo COMP L2 Settings/{98564187-A777-4AF5-A7CE-75B39D3BC8DF}/DomainSysvol/GPO/Machine/comment.cmtx
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo COMP L2 Settings/{98564187-A777-4AF5-A7CE-75B39D3BC8DF}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo COMP L2 Settings/{98564187-A777-4AF5-A7CE-75B39D3BC8DF}/DomainSysvol/GPO/Machine/registry.pol
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo COMP L2 Settings/{98564187-A777-4AF5-A7CE-75B39D3BC8DF}/bkupInfo.xml
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo COMP L2 Settings/{98564187-A777-4AF5-A7CE-75B39D3BC8DF}/gpreport.xml
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo USER L1 Settings/manifest.xml
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo USER L1 Settings/{DF7469F5-025A-4C69-A506-BF06831D2F10}/Backup.xml
    .xml
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo USER L1 Settings/{DF7469F5-025A-4C69-A506-BF06831D2F10}/DomainSysvol/GPO/User/comment.cmtx
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo USER L1 Settings/{DF7469F5-025A-4C69-A506-BF06831D2F10}/DomainSysvol/GPO/User/registry.pol
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo USER L1 Settings/{DF7469F5-025A-4C69-A506-BF06831D2F10}/bkupInfo.xml
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo USER L1 Settings/{DF7469F5-025A-4C69-A506-BF06831D2F10}/gpreport.xml
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo USER L2 Settings/manifest.xml
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo USER L2 Settings/{72477AB0-A77F-48E7-9806-1320471DC72F}/Backup.xml
    .xml
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo USER L2 Settings/{72477AB0-A77F-48E7-9806-1320471DC72F}/DomainSysvol/GPO/User/comment.cmtx
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo USER L2 Settings/{72477AB0-A77F-48E7-9806-1320471DC72F}/DomainSysvol/GPO/User/registry.pol
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo USER L2 Settings/{72477AB0-A77F-48E7-9806-1320471DC72F}/bkupInfo.xml
  • CIS_MS_Windows_10_Demo_Build_Kit/Windows 10 Demo USER L2 Settings/{72477AB0-A77F-48E7-9806-1320471DC72F}/gpreport.xml